Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/hkjiopDX7eBY42ec1TDVLwik1VM.roa
File: hkjiopDX7eBY42ec1TDVLwik1VM.roa (raw, json)
Hash identifier: uunAJXnHp2yX4eA9Z+Pn3SdAtODthBifkaLAfzwSFqg=
Subject key identifier: 86:48:E2:A2:90:D7:ED:E0:58:E3:67:9C:D5:30:D5:2F:08:A4:D5:53
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01855108FCD03509B59BBD1F558D54223520
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/hkjiopDX7eBY42ec1TDVLwik1VM.roa
Signing time: Tue 27 Dec 2022 00:43:41 +0000
ROA not before: Tue 27 Dec 2022 00:43:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.206.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.84.1.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:51:08:fc:d0:35:09:b5:9b:bd:1f:55:8d:54:22:35:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Dec 27 00:43:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8648e2a290d7ede058e3679cd530d52f08a4d553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f1:72:cb:21:b9:96:6b:52:57:22:1e:eb:fc:
30:07:b8:60:f5:06:de:20:73:21:7e:d3:d1:df:12:
8a:88:ab:23:23:09:f7:27:b7:ae:88:20:9b:8b:e7:
ec:32:8f:77:4c:c3:76:79:2f:f6:55:f6:31:e2:31:
99:06:30:70:16:eb:33:cd:18:e5:43:64:72:27:a2:
a7:f6:05:06:8b:35:9e:54:c0:b8:f8:07:6f:3c:49:
e1:88:4f:46:00:e8:33:b3:82:26:c0:8c:67:aa:1c:
57:2c:e4:c3:f4:1f:7f:93:15:9c:62:a3:ea:fc:4f:
37:34:02:dc:84:dd:e0:48:a6:6a:a7:48:12:00:fb:
f7:07:c7:eb:f4:49:7f:85:c3:89:98:3c:44:6a:09:
31:35:fe:3c:24:bb:0f:fb:16:f4:fe:a4:f4:2a:97:
b8:1e:61:e0:61:1b:f0:32:1b:6e:90:3d:7f:31:f8:
03:13:2f:9c:0a:c9:0f:10:97:27:43:e0:69:e8:d6:
3f:2f:1d:94:09:71:1f:b8:84:2a:30:00:35:43:e9:
6d:7f:a8:f0:4a:b3:75:a0:4c:c7:35:a0:1d:de:21:
e6:64:e5:04:10:7f:50:32:c5:50:99:e9:6c:bb:b4:
12:d9:94:dd:cc:26:ce:a8:89:94:4f:29:54:7a:d4:
5c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:48:E2:A2:90:D7:ED:E0:58:E3:67:9C:D5:30:D5:2F:08:A4:D5:53
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/hkjiopDX7eBY42ec1TDVLwik1VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.39.0/24
45.8.144.0/23
45.67.35.0/24
45.84.0.0/23
45.87.154.0/24
45.159.248.0/22
93.185.166.0/24
141.98.169.0/24
185.231.204.0/22
193.57.138.0/24
194.4.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:6d:00:9b:a3:da:81:92:b6:4f:f0:3d:04:d4:25:16:5c:6b:
22:4d:cb:c4:61:b1:48:2e:fe:f5:50:be:96:59:c9:18:b4:38:
c1:86:54:f9:5e:d6:e2:01:a6:6e:06:29:b0:e1:27:bd:14:41:
45:e6:c9:e8:1f:a7:35:e8:8e:4a:a0:5c:2e:df:f8:ea:b8:8c:
14:ba:1e:41:33:2c:32:e0:c7:89:2e:e0:25:ad:32:e8:ee:3e:
39:67:ee:8b:38:87:ed:10:bb:5f:6c:92:5c:66:28:79:ad:7f:
74:89:d1:0c:42:c3:e0:8e:50:53:33:d7:9c:39:b6:15:5b:81:
a7:66:92:b0:48:41:68:77:3c:42:1f:ef:da:a4:59:d2:96:0d:
95:69:2b:82:4d:d6:31:32:22:50:50:99:57:d9:c6:1f:09:80:
f8:20:0b:48:2a:83:31:74:b7:c6:15:9f:81:fa:16:41:fd:fb:
ae:83:93:79:07:87:ef:16:34:a2:a4:fc:74:ad:69:4d:a6:d5:
63:e7:05:6e:83:89:55:e8:02:41:67:1d:57:fd:6c:b6:12:96:
11:66:4b:c6:a3:a0:44:fb:ff:b4:81:9f:79:33:c5:8f:20:12:
94:4c:12:c8:67:62:81:c8:b8:cf:59:bf:dc:55:b6:66:87:09:
f5:6a:9d:3f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVRCPzQNQm1m70fVY1UIjUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMjI3MDA0MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ4ZTJhMjkwZDdlZGUwNThlMzY3OWNkNTMwZDUyZjA4YTRkNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfFyyyG5lmtSVyIe6/wwB7hg9Qbe
IHMhftPR3xKKiKsjIwn3J7euiCCbi+fsMo93TMN2eS/2VfYx4jGZBjBwFuszzRjl
Q2RyJ6Kn9gUGizWeVMC4+AdvPEnhiE9GAOgzs4ImwIxnqhxXLOTD9B9/kxWcYqPq
/E83NALchN3gSKZqp0gSAPv3B8fr9El/hcOJmDxEagkxNf48JLsP+xb0/qT0Kpe4
HmHgYRvwMhtukD1/MfgDEy+cCskPEJcnQ+Bp6NY/Lx2UCXEfuIQqMAA1Q+ltf6jw
SrN1oEzHNaAd3iHmZOUEEH9QMsVQmelsu7QS2ZTdzCbOqImUTylUetRcvwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIZI4qKQ1+3gWONnnNUw1S8IpNVTMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvaGtqaW9wRFg3ZUJZNDJlYzFURFZMd2lrMVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABbYnAwQB
LQiQAwQALUMjAwQBLVQAAwQALVeaAwQCLZ/4AwQAXbmmAwQAjWKpAwQCuefMAwQA
wTmKAwQCwgQwMA0GCSqGSIb3DQEBCwUAA4IBAQCKbQCbo9qBkrZP8D0E1CUWXGsi
TcvEYbFILv71UL6WWckYtDjBhlT5XtbiAaZuBimw4Se9FEFF5snoH6c16I5KoFwu
3/jquIwUuh5BMywy4MeJLuAlrTLo7j45Z+6LOIftELtfbJJcZih5rX90idEMQsPg
jlBTM9ecObYVW4GnZpKwSEFodzxCH+/apFnSlg2VaSuCTdYxMiJQUJlX2cYfCYD4
IAtIKoMxdLfGFZ+B+hZB/fuug5N5B4fvFjSipPx0rWlNptVj5wVug4lV6AJBZx1X
/Wy2EpYRZkvGo6BE+/+0gZ95M8WPIBKUTBLIZ2KByLjPWb/cVbZmhwn1ap0/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org